Microsoft ships v. 2.0 of MS06-015 patch

In a fairly unusual move, Microsoft has re-released MS06-015, Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531). Microsoft sent out an email to let folks know about that. Amazingly, while explaining why they were re-issuing the patch, they never mention what the patch is, nor specifically what went wrong, nor who should apply the new patch:

This bulletin has been re-released to
advise customers that revised versions of the security update
are available for all products listed in the “Affected Software”
section. Customers who have already applied the MS06-015 update
who are not experiencing the problem need take no action.

Here’s the quick scoop: Windows Explorer (the desktop, not the browser) has fundamentally changed the way it launches programs, and some programs that hooked into that behavior, including Hewlett-Packard’s “Share-to-Web”, older NVIDIA graphics drivers, Kerio firewall, and others, would fail to operate properly, lock up, or freeze after files are saved, especially to “My Documents” or other special folders. This patch allegedly fixes the problem.

Get Patching! Good Luck!

No comments yet.

Leave a Reply

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.